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“Nada es tan permanente como un programa 
temporal del gobierno 

Milton Friedman, economista 
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K+LAB y los análisis de sitios / apps 
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PLATAFORMAS INSEGURAS. 

EL CASO DE 

IMEICOLOMBIA.COM.CO 



Análisis confirma relación de Nation Builder, 
empresa que ayudó a Trump a llegar a la 
presidencia, con dos campañas presidenciales en 
Colombia. 
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UNIDAD PARA LAS VÍCTIMAS 
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Metodología de análisis (sitios webs y apps) 


Características : 

✓ Análisis de la información y técnico 

✓ Reproductibles: ¡Hagan lo ustedes también! 

✓ Se usan softwares libres 

✓ No intrusivo y legal + información previa 

✓ Mirando: transparencia/información, seguridad digital, 
privacidad 


¡Abramos la caja negra! 




¿Porque usar Softwares libres en 
este contexto? 


<K+LAB> 

SEGURIDAD DIGITAL Y PRIVACIDAD 


. Transparencia y confianza: código abierto 
. Reproductibilidad: programas acesibles a todos sin costo 
. Qualidad y eficiencia de las herramientas usadas 






¿Que usamos? 




Powered by 

GNU 


K ! LAB5 

Exodus Privacy: Licencia pública GNU, versión 3.0 
ClassyShark3xodus: Licencia Apache 2.0 
Wireshark: Licencia pública GNU, versión 2.0 
OWASP ZAP: Licencia Apache 2.0 
Burp Comunity Edition 

Apktool (Herramienta de ingeniería inversa para APKs) 
diff (Para ver las diferencias entre las versiones después de ser 
des compiladas) 

ADB (Android Debug) 


para sitios : Waterfox + LiveHTTP Headers + 
CookieManager+ 



Análisis estático (sitio web y app) 
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SEGURIDAD DIGITAL Y PRIVACIDAD 


Sitios webs 

• dominio y dirección IP 
(whois) 

• certificado 

• código fuente (HTML / 
JavaScript) 

• cookies 


Apps 

• información del store 

• permisos 

• rastreadores 

• manifiesto Android 

• parte accesible del código 
fuente 


o 




Análisis de flujo/paquetes 


YOU 


OWASP ZAP www.example.com 



ZAP Root CA 
certifícate 
generated by 
user 



Original 
certifícate send 
by the server 



Capturing outbound/inbound packets: 

Smartphone Apps : HTTPS, DNS 

Website : also HTTPS (with LiveHTTP Headers) 














Permisos en las Apps (CaliValleCorona) 


- App permissions: 35 

com.huawe¡.permission.external_app_settings.USE_COMPONE 

NT 

- me.everything.badger.permission.BADGE_COUNT_WRITE 

- android.permission.READ_APP_BADGE 

- com.oppo.launcher.permission.READ_SETTINGS 

- com.htc.launcher.permission.UPDATE_SHORTCUT 

- android.permission.READ_PHONE_STATE 

- oppo.permission.OPPO_COMPONENT_SAFE 

- com.sonyericsson.home.permission.BROADCAST_BADGE 

- android.permission.ACCESS_FINE_LOCATION 

- android.permission.GET_TASKS 

- android.permission.ACCESS_NETWORK_STATE 

- com.majeur.launcher.permission.UPDATE_BADGE 

- me.everything.badger.permission.BADGE_COUNT_READ 


- com.sonymobile.home.permission.PROVIDER_INSERT_BADGE 
android.permission.WRITE_EXTERNAL_STORAGE 
android.permission.FOREGROUND_SERVICE 
android.permission.CALL_PHONE 
android.permission.READ_EXTERNAL_STORAGE 
com.htc.launcher.permission.READ_SETTINGS 
com.huawei.android.launcher.permission.CHANGE_BADGE 
android.permission.ACCESS_COARSE_LOCATION 
com.sec.android.provider.badge.permission.READ 
com.huawei.android.launcher.permission.READ_SETTINGS 
com.google.android.gms.permission.ACTIVITY_RECOGNITION 
android.pe rmission. INTERNET 

android.permission.ACCESS_LOCATION_EXTRA_COMMANDS 
com.anddoes.launcher.permission.UPDATE_COUNT 
com.sec.android.provider.badge.permission.WRITE 
android. permission.RECEIVE_BOOT_COMPLETED 
com. huawei. android. launcher.permission.WRITE_SETTINGS 
android.permission.ACCESS_BACKGROUND_LOCATION 
android.permission.ACTIVITY_RECOGNITION 
android.permission.WAKE_LOCK 
com.oppo.launcher.pe rmission. WRITE_SETTINGS 
android. permission.BLUETOOTH 



Permisos/tackers CoronApp (Exodus) 
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* l3-.ii 9i% 

Exodus Privacy 



Trackers 


We have found code signature of the following 
trackers ¡n the application: 


Google CrashLytics ► 


RECEIVE_BOOT_COMPLETED 
ejecutarse ai inicio 

FOREGROUND_SERVICE 


B LU ETO OTH_AD MIN 

acceder a los ajustes de Bluetooth 

WAKE_LOCK 



Google Firebase Analytics ► 

A tracker is a piece of software meant to collect 
data about you or your usages. Learn more... 


VJ CALL_PHONE 

llamar directamente a números de 
teléfono 


impedir que el teléfono entre en modo 
de suspensión 

RECEIVE 


CoronApp 


Trackers 

ÍT1 Permissions 



Permissions 


We have found the following permissions in the 
application: 


MAPS_RECEIVE 


BLUETOOTH 



vincular con dispositivos Bluetooth 


ACCESS J/VIFI_STATE 
ver conexiones Wi-Fi 


recibir datos de Internet 

BIND_GET_INSTALL_REFERRER_SER 

VICE 

API Install Referrer de Play 


Installed Versión: 1.2.37 
Created By 

This report has been created the 23 de 
abril de 2020 

See on Exodus Privacy 
See on Google Play 


INTERNET 

tener acceso completo a la red 

ACCESS_NETWORK_STATE 
ver conexiones de red 

Q I ACCESS_C0ARSE_L0CATI0N 

acceder a tu ubicación aproximada 
(basada en red) 


CHANGE_WIFI_STATE 


The icón ! indicates a ’Dangerous' or 'Special' 
- level according to Gooale's protection levels. 


conectarse a redes Wi-Fi y 
desconectarse 



Permissions are actions the application can 
on your phone. Learn more- 


BLUET00TH_PRIVILEGED 

android.permission.BLUETOOTH_PRIVILE 

GED 









response request 


Análisis de tráfico en Coronapp - encontrando una 

vulnerabilidad 1. 





| Request J Response 


Params Headers Hex 


1 POST /household/create HTTP/1.1 

2 app_token: d41d8cd98fGQb204e9800998ecf8427e 

3 Content-Type: application/json 

4 Content-Length: 369 

5 Host: 52.87.234.39:5000 

6 Connection: elose 

7 Accept-Encoding: gzip, deflate 

8 User-Agent: okhttp/4.2.2 

9 

10 {“firstname”: "usuario2 prueba". “lastname": "test" ,"phone":""."client": "api" ."dob": "1900-01-01". "gender": "Hombre" .”app_token": "d41d8cd98f00b204e980O998ecf8427e" ."race": 
"Rom-Gitano" ,"document_type": ”CC" ,"document_number”: "12345678" ."country“: "Colombia" .“city": "Bogotá" ."State": "Bogotá D.C." .“platform":" android" ,"relationship": "Bisnieto" 
"5e83a9e0ebc6fc0001072d65"} 


jaj 


209 

http://52.87. 234.39:5000 

GET 

/user/household/5e83a9e0ebc6fc0001072d65 


200 

191 

JSON 




210 

http://52.87. 234.39:5000 

POST 

/household/create 

V 

200 

734 

JSON 




211 

http://52.87. 234.39:5000 

GET 

/user/household/5e83a9e0ebc6fc0001072d65 


200 

2527 

JSON 




214 

http://connectivitycheck.gsta tic... 

GET 

/generate 204 


204 

102 





215 

https://www.google.com 

GET 

/generate 204 


204 

309 





216 

https://android.clients.google.C-.. 

POST 

/auth/devicekey 


400 

2156 

HTML 

Error 400 (Not Foundjül 


▼ 
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1 ► 


| Request f Response j 

| Raw 

[ Headers | Hex ] 











bj 


HTTP/1.1 200 0K 

Server: nginx/1.17.9 

Date: Tue, 31 Mar 2020 20:47:35 GMT 

Content-Type: application/json; charset=utf-8 

Connection: cióse 

Content-Length: 569 

{"error":false,"message": "Household member Created", “member":{"id": "5e83ac67ebc6fc0001072d80“, “picture": 0, "dob":“ 1900-01-O1T00¡00:00“. “city": "Bogotá" ,"state": "Bogotá D.C. “ , 
"gender": "Hombre", "firstname": "usuario2 prueba", "user": “5e83a9e0ebc6fc00O1072d65“ ,"platform": "android" ,"client": "api" ,"country": "Colombia"," race": "Rom-Gitano" ,"relationship": 
"Bisnieto", "lastname": "test" ."app_token": "d41d8cd98f00b204e9800998ecf8427e" ."createdAt": "2020-03-31T20:47:35.9820258+00:00", "updatedAt": "2020-03-31T20:47:35.9820296+00 : 00" , 
"document_number": "12345678", "document_type": "CC"}} 








































response request 


Análisis de tráfico en Coronapp - encontrando una 

vulnerabilidad. 2. 


1 210 

http://52.l 

37.234.39:5000 

POST 

/household/create 

7 

200 

734 

|SOW I 


http://52.l 

37.234.39:5000 

GET 

/user/household/5e83a9e0ebc6fc0001072d65 


200 

2527 

)SON 


http://connectivitycheck.gstatic... 

https://vmw.google.com 

httpsV/android.clients.google.c... 


/generate_204 

/generate_204 

/auth/devicekey 


Error 400 (Not Found)!!l 


Request Response 


1 GET /user/household/5e83a9e0ebc6fc0QQ1072d65 HTTP/1.1 

2 Host: 52.87.234.39:5000 

3 User-Agent: Dalvik/2.1.0 (Linux: U; Android 9; Android SDK built for x86_64 Build/PSRl.180720.093) 

4 Accept-Encoding: gzip, deflate 

5 Connection: cióse 

6 Accept: */* 

7 app_token: d41d8cd98f00b204e9800998ecf8427e 
S user_token: 

eyJhbGci0iJIUzIlNiIsInR5cCI6IkpXVC39.eyJlbmlxdWVfbmFtZSI6IjVlODNhOWUwZWJjNmZjMDAwMTA3MmQ2NSIsIm5iZiI6MTU4NTY4NzAwOCwiZXhwIj oxNTg4Mj c5MDA4LCJpYXQi0j E10DU20DcwMDh9.UPE_NdBRtNqYzA 
yLhxIPmN8RKoFAb3pmx-tFbwAMTJc 
9 Content-Type: application/json 

110 


211 

http://52.87. 234.39:5000 

GET 

/user/household/5e83a9e0ebc6fc0001072d65 

200 

2527 

JSON 



214 

http://connectivitycheck.gsta tic.. 

GET 

/generate 204 

204 

102 




215 

https://www.google.com 

GET 

/generate 204 

204 

309 



L 

216 

https//android.clients google c.. 

POST 

/auth/devicekey •/ 

400 

2156 

HTML 

Error 400 (Not Found)!!l 

* 
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[ Request [ Response | 

| Raw 

[ Headers ¡ Hex | 









HTTP/1.1 200 OK 
Server; nginx/1.17.9 
Date: Tue, 31 Mar 2020 20:47:3 
Content-Type: application/json 
Connection: cióse 
■ Contení-Length: 2361 


charset=utf-8 


{"error": "false". "data":[{"surveys":[{“id”: "5e83a9f9ebc6fc0001072d67“, "platform": "android", "no_syraptom": "Y", "Ion": -122.084, “lat”: 37.4219983, "app_token": 

"d41d8cd98f00b204e9800998ecf8427e", "user": "5e83a9e0ebc6fC0001072d65". "week_of“: "2020-03-31T20:37:13. 866Z“,"coordinates": [-122.084,37.4219983], "createdAt": 

"2020-03-31T20:37: 13. 866 Z", "updatedAt": "2020- 03- 31T20: 37: 13. 866Z","client“: "api", “hadT ravelledAbroad”:false,"startDate": "0001-01- 01T00:00:00Z","hadContagiousContact":false, 
"hadHealthCare":false).{"id": "5e83a9f9ebc6fc0001072d66", "platform":"android".”no_symptom": "Y", “Ion": -122.084, "lat“: 37.4219983, "app_token”: “d41d8cd98fG0b204e9800998ecf8427e". 
“user" :"5e83a9e0ebc6fc0001O72d65","week_of":"2O20-03-31T2O:37:13.858Z", “coordinates": [-122.084,37.4219983], "createdAt": "2020-03-31T20:37:13.858Z", "updatedAt": 

"2020 - 03 - 31T20: 37: 13.858Z", "Client": "api", “hadTravelledAbroad":false,"startDate”: "00O1-O1-O1T0O:00:0OZ", "hadContagiousContact":false.“hadHealthCare":false}],“user":{“id": 
"5e83a9eOebc6fc00O1072d65“, "picture" :0, "dob”: "19O0-01-OlT00:00:00Z n , "city": “Bogotá", "email": "test2@karisma.org. co","State”: "Bogotá D.C.","gender":"Masculino”,"firstname": 
"usuario prueba", "platform": "android" ,"country":“Colombia",“race": "Escoge una opción","gcm_token“: 

"czwM3u jY/-3E:APA91bHpXX0twPhvtx0Cnyc_28Ii74SSbfDwfTBU2fEy_JBA0Yj HzosPOYmWifDN5P-fsaDAGzGSgM-lii69uVH4hyeWbA5XqsB8kwqqH4wl0egT0EchIH4lFY8yDyKP8cRpUVy9cwkT“," last ñame":"test", I 

”week_of": "2020-O4-01T2O:36:48.512Z", "active”:"Y","isAdmin":false.“app": "d41d8cd98f00b2O4e98OO998". "age": 120, "ageGroup":"80","token": 

“eyJhbGci0i3IUzIlNiIsInR5cCI6IkpXVC19.eyJlbmlxdWVfbmFtZSI6IjVlODNhOWUwZWJj NmZjMDAwMTA3MmQ2NSIsIm5iZiI6MTU4NTY4NzAw0CwiZXhwIjoxNTg4Mjc5MDA4LCJpYX0i0j E10DU20DcwMDh9. UPE_NdBRtNqY I 
zAyLhxIPmN8RKoFAb3pmx-tFbwAMTJ c". “device_id”: "4dclb4ebl3a5f495" ,"document_number”: "12345678”. "document_type“:"CC","createdAt": "2020-03-31T20:36:48.512Z“ . "updatedAt" : 
"2O20-O3-31T20:36: 48.512Z"}, "id": "5e83ac67ebc6fcO0O1072d8O". "picture" :0. "dob”:“1900-01 -01T00:00:00Z". "city": “Bogotá", “State”: “Bogotá D.C.". "gender": “Hombre". "firstname": 
"usuario2 prueba", "platform": “android" , “country":"Colombia","race”:"Rom -Gitano"," relationship”: "Bisnieto", "lastname": "test”, "appToken": "c41d8cd98fQ0b204e9800998ecf8427e”, 
"createdAt": "202O-O3-31T20:47:35.982Z", "updatedAt":“2020-03 - 31T20:47: 35. 982Z", "documentNumber“: ”12345678", "documentType": "CC"}]} 































Vulnerabilidad Medellin <-> EPM 
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GET https://epm.adminfo.net/vsmart/services/epm/index.php/dataDir/?id=44951&e_=1586810468367 HTTP/1.1 

User-Agent: Mozilla/5.0 (Xll; Ubuntu; Linux x86 64; nr75.0) Gecko/20100101 Firefox/75.0 

Accept: application/json, text/javascript, */*; q=0.01 

Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3 

Origin: https://medellin.gov.co 

Connection: keep-alive 

Referen https://medellin.gov.co/medellinmecuida 
Host: epm.adminfo.net 


HTTP/1.1 200 OK 

Date: Mon, 13 Apr 2020 20:42:33 GMT 
Server: Apache 

Access-Control-Allow-Origin: * 

Access-Control-Allow-Methods: POST, GET, OPTIONS 
Vary: Accept-fcncodinq 
X-Frame-Options: SAMFORIGIN 
X-XSS-Protection: l;mode-block 
X-Content-Type-Opt¡ons: nosniff 
Strict-Transport-Security: max-age=631138519 
X-Permitted-Cross-Domain-Policies: none 
Content-Length: 413 
Connection: cióse 

J Contení-Type: application/json; charset=UTF-8 


{ identificación : 44HB , nombre cliente' :"CARDOIMMBta 
Ipt0 :"17005", "dése dpto ¡’ANTIOQUIA', coordenada 

"CRÍ^WBBhBÍ^MWIIIMB^BIÍbMBI )’, i od i ateguria :'l", 

: 1 Bajo', val laetuia :190253.10 ,r ) 


|_X 

de 


BfiMÉÉA&rififiHS , cod ciudad :' 1700501001", dése <iudad :' MEDELLIN 
.75.601952' ,' coordenada y :'6.MMtT*, ribl ' ion : 

:_categoria RESIDENCIAL-, (od_estrato :"4", dése estrato ESTRATO 















Vigilancia intensa de CaliValleCorona 


File Edit View Analyse Report Jools import Online Help 

safe Mode • l> ► 0 X ■ h ■ a|(Í 

y Quick Start | Request ] Response^ | ^ Sites | ~ Histoty Search | ^ Alerté*} HTTP SessionTj Output } -fr ] 


O [, Filter: OFF f Export 


Id 

Req. Timestamp 

Method 

| URL 


Code 

Reason 

| RTT 

Size R... 

Highest... Note 

Tags 


371 

4/13/20, 10:57:43 PM 

POST 

https://api.calivallecorona.com/api/user-ggps/reporte 

201 

Created 

408 ms 

172 by... 

"* Infor... 

JSON 


A 

382 

4/13/20, 

11:28:20 PM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

399 ms 

172 by... 

P* Infor... 

JSON 


r 

390 

4/13/20, 

11:43:20 PM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

515 ms 

172 by... 

P> Infor... 

JSON 



397 

4/14/20, 

12:13:59 AM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

379 ms 

172 by... 

P> Infor... 

JSON 



409 

4/14/20, 

12:29:00 AM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

403 ms 

172 by... 

P> Infor... 

JSON 



430 

4/14/20, 

12:59:37 AM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

468 ms 

172 by... 

P> Infor... 

JSON 



436 

4/14/20, 

1:14:37 AM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

502 ms 

172 by... 

P> Infor... 

JSON 



448 

4/14/20, 

1:45:15 AM 

POST 

https://api. cativa 

ecorona.com/api/user-ggps/reporte 

201 

Created 

438 ms 

172 by... 

P> Infor... 

JSON 



454 

4/14/20, 

2:00:16 AM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

510 ms 

172 by... 

P> Infor... 

JSON 



463 

4/14/20, 

2:30:52 AM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

436 ms 

172 by... 

R) Infor... 

JSON 



478 

4/14/20, 

2:45:53 AM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

504 

Gatew... 

20.12 s 

207 by... 





480 

4/14/20, 

2:46:59 AM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

291 ms 

172 by... 

P> Infor... 

JSON 



490 

4/14/20, 

3:16:29 AM 

POST 

https://api. cativa 

ecorona.com/api/user-ggps/reporte 

201 

Created 

551 ms 

172 by... 

P< Infor... 

JSON 



497 

4/14/20, 

3:31:30 AM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

405 ms 

172 by... 

P» Infor... 

JSON 



513 

4/14/20, 

4:02:14 AM 

POST 

https://api. cativa 

ecorona.com/api/user-ggps/reporte 

201 

Created 

411 ms 

172 by... 

P> Infor... 

JSON 



519 

4/14/20, 

4:17:15 AM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

476 ms 

172 by... 

P> Infor... 

JSON 



529 

4/14/20, 

4:47:57 AM 

POST 

https://api. cativa 

ecorona.com/api/user-ggps/reporte 

201 

Created 

406 ms 

172 by... 

P> Infor... 

JSON 


J 

533 

4/14/20, 

5:02:57 AM 

POST 

https://api.caliva 

ecorona.com/api/user-ggps/reporte 

201 

Created 

404 ms 

172 by... 

P 1 Infor... 

JSON 



547 

4/14/20, 

5:33:40 AM 

POST 

https://api. cativa 

ecorona.com/api/user-ggps/reporte 

201 

Created 

477 ms 

172 by... 

P» Infor... 

JSON 



555 

4/14/20, 

5:48:41 AM 

POST 

https://api. cativa 

ecorona.com/api/user-ggps/reporte 

201 

Created 

418 ms 

172 by... 

P> Infor... 

JSON 



574 

4/14/20, 

6:19:22 AM 

POST 

https://api.calival 

ecorona.com/api/user-ggps/reporte 

201 

Created 

380 ms 

172 by... 

P> Infor... 

JSON 



585 

4/14/20, 

6:34:22 AM 

POST 

https://api. calival 

ecorona.com/api/user-ggps/reporte 

504 

Gatew... 

20.21 s 

207 by... 





586 

4/14/20, 

6:35:29 AM 

POST 

https://api. calival 

ecorona.com/api/user-ggps/reporte 

201 

Created 

282 ms 

172 by... 

P* Infor... 

JSON 



597 

4/14/20, 

7:04:59 AM 

POST 

https://api. calival 

ecorona.com/api/user-ggps/reporte 

201 

Created 

404 ms 

172 by... 

P> Infor... 

JSON 



601 

4/14/20, 

7:20:00 AM 

POST 

https://api. calival 

ecorona.com/api/user-ggps/reporte 

201 

Created 

391 ms 

172 by... 

P> Infor... 

JSON 



618 

4/14/20, 

7:50:37 AM 

POST 

https://api. calival 

ecorona.com/api/user-ggps/reporte 

201 

Created 

496 ms 

172 by... 

P* Infor... 

JSON 



624 

4/14/20, 

8:05:37 AM 

POST 

https://api. calival 

ecorona.com/api/user-ggps/reporte 

201 

Created 

415 ms 

172 by... 

P> Infor... 

JSON 



634 

4/14/20, 

8:36:21 AM 

POST 

https://api. calival 

ecorona.com/api/user-ggps/reporte 

201 

Created 

378 ms 

172 by... 

P> Infor... 

JSON 



645 

4/14/20, 

8:51:22 AM 

POST 

https://api. calival 

ecorona.com/api/user-ggps/reporte 

201 

Created 

481 ms 

172 by... 

P> Infor... 

JSON 



657 

4/14/20, 

9:22:01 AM 

POST 

https://api. calival 

ecorona.com/api/user-ggps/reporte 

201 

Created 

423 ms 

172 by... 

P> Infor... 

JSON 


A 

660 

4/14/20, 

9:37:02 AM 

POST 

https://api. calival 

ecorona.com/api/user-ggps/reporte 

201 

Created 

397 ms 

172 by... 

P> Infor... 

JSON 


T 

Alerts P> 1 

P>0 ^ 0 RJ2 Primary Proxy: 192.168.0.17:8080 



Current Scans # 0 ■©O <30 0 D 0 ©0 *0 

y* o 

m 

0 
































■ assets 

■ kotlin 

■ META-1NF 

■ original 
Ül res 
(■ smali 

■ smali_classes2 

■ unknown 

@ AndroidManifest.xml 
js] apktool.yml 


Usando apktool 


■anoroia : screenurientaTion» ana roía: rnere= et - - - j /> 

<meta-data android: ñame» com.google.android.geo.API KEY" android: valué»" AIzaSyBap804eY3xDn y INjrybKk0sp3c6bDEw‘'/> 
«uses-library android :name= org.apache.http.legacy android: required= false"/> 



Service android:enabled="true" andró 

id:exported="false" android:label="@stnnq/app ñame 


ame»"com.hypelabs.hype.HypeService"/ 



«provider android :authorities» co.gov. ins.guardianes.crashlyticsinitprovider" android :exported= "false" 
|android:initOrder= 90 ’ android :nane» "com.crashlytics.android.Crashlyticsinitprovider /> 

«Service android :directBootAware=t rué’ android :exported= false" 

Iandroid: ñame»' androidx.room.HultiInstanceInvalidationService”/> 

«Service android :directBootAware=t rué' android :exported»’ false" 

|android :name=" com.google.fi rebase.components,ComponentDiscoveryService"> 

«meta-data 

Iandroid :nane=" com.google.fi rebase.components:com.google.fi rebase.analytics.connector.internal.AnalyticsConnectorRegistrar" 
■android: valué» "com.google.firebase.components.ComponentRegist rar"/> 

«meta-data android :nane=" com.google.fi rebase.components:com.google.fi rebase.iid.Registrar" 
landroid: valué» "com. google.fi rebase.components.ComponentRegistrar"/> 

«/service> 

«receiver android :exported= trué" android:name=“com.google.firebase.iid.FirebaseInstanceIdReceiver" 

¡android: permission»’ com.google.and roid.c2dm.permission.SEND"> 

«intent-filter> 

«action android: ñame» com.google.android.c2dm.intent.RECEIVE"/> 

«/intent-filter> 

«/receiver» 

I. t- ^ ^ ^ - 4- ^ A — _ ■Nrt/ji-AÍ A i 


PRESS RELEASE: Paid contení 


HypeLabs’ Contact-Tracing Technology Focused on Privacy Now Available for Immediate | 

Deployment at No Cost for All Countries ^ . . T . . 

1 r 1 CovidApp has alreadv been tested and deployed ín some countnes ín Latín America 

April 14,2020 rr J J 

such as Colombia, the first nation to adopt the system showing the lowest numbers of 
infected patients in the región and is managing the flattening of the curve. 
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SEGURIDAD DIGITAL Y PRIVACIDAD 


Fundación 

Kansma 
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